<%@ page import="java.sql.*" %><%--
  Created by IntelliJ IDEA.
  User: 李学健
  Date: 2024/3/14
  Time: 12:37
  To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<h1 style="color: #3880c2">
    登录页面
</h1>
<h1 style="color: #3880c2">
    <a href="index.jsp" style="color: crimson">返回主页面</a>
</h1>
<%
    //这个要设置在传输数据之前
    request.setCharacterEncoding("UTF-8");
%>
<form method="post" <%--action="" 不写默认本页面？--%>>
    <label>
        用户名
        <input name="username" type="text">
    </label>
    <label>
        密码
        <input name="password" type="password">
    </label>
    <input type="submit" name="submit"<%--这个name要写一下，不然request找不到--%> value="用户登录">
    <input type="submit" name="submit1" value="管理员登录">
</form>
<%
    //用字段deleted判断是否为管理员
    //0为用户，1为管理员
    //用户登录
    if (request.getParameter("submit") != null) {
        request.setCharacterEncoding("UTF-8");
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        try {
            Class.forName("com.mysql.cj.jdbc.Driver");
            Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mybatis?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull&serverTimezone=Asia/Shanghai", "root", "123456");
            PreparedStatement preparedStatement = connection.prepareStatement("select * from user where username=?and password=?and deleted =0");
            preparedStatement.setString(1, username);
            preparedStatement.setString(2, password);
            ResultSet resultSet = preparedStatement.executeQuery();

            //登录失败不保存session
            if (!resultSet.next()) {
                out.print("登录失败");
            } else {
                //查到了，保存id到session后面大概率要用
                int userId = resultSet.getInt(1);
                //成功，保存session
                session.setAttribute("userId", userId);
                session.setAttribute("username", username);
                session.setAttribute("isAdmin", false);
                //登录成功自动跳转到userPage(且没有错误)
                response.sendRedirect("userPage.jsp");
            }
            preparedStatement.close();
            connection.close();
        } catch (Exception e) {
            out.print(e.getMessage());
            e.printStackTrace();
        }
    }

    //管理员登录
    if (request.getParameter("submit1") != null) {
        request.setCharacterEncoding("UTF-8");
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        try {
            //因为要多次使用查询，用的是Statement对象，至于区别不太清楚

            Class.forName("com.mysql.cj.jdbc.Driver");
            Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/mybatis?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull&serverTimezone=Asia/Shanghai&useSSL=false", "root", "123456");
            Statement statement = connection.createStatement();
            //注意，这边查询的时候，username和password都要加上单引号，这样sql查询的时候才知道它们是“字符”
            //最好的办法就是抄这边的
            ResultSet resultSet = statement.executeQuery("SELECT * FROM user WHERE username='" + username + "' AND password='" + password + "'" + " AND deleted=1");
            //记录是否查询到了数据
            if (!resultSet.next()) {
                out.print("登录失败");
            } else {
                //成功，保存session,记录身份
                session.setAttribute("username", username);
                session.setAttribute("password", password);
                session.setAttribute("isAdmin", true);
                //登录成功自动跳转到adminPage
                response.sendRedirect("adminPage.jsp");
            }
            statement.close();
            connection.close();
        } catch (Exception e) {
            out.print(e.getMessage());
            e.printStackTrace();
        }
    }
%>
</body>
</html>

